package com.security.springcloud.order.controller;

import com.security.springcloud.order.model.UserDTO;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

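/**
 * @author yingyuwei
 * @version 1.0.0
 * @description REST controller exposing the order resource under {@code /api}.
 * @createTime 2021-03-01 21:50:00
 */
@RestController
@RequestMapping("/api")
public class OrderController {

    /**
     * Handles {@code GET /api/order} and returns the caller's username followed by a fixed suffix.
     *
     * <p>The {@code @PreAuthorize} expression requires the exact granted authority {@code USER}
     * ({@code hasAuthority} does not add a {@code ROLE_} prefix).
     *
     * <p>NOTE(review): the annotation is only enforced when method security is enabled in the
     * application's security configuration, which is not visible in this file; confirm it is.
     * The principal check below therefore does not rely on it.
     *
     * @return the authenticated user's username concatenated with the resource-access suffix
     * @throws AccessDeniedException if the security context holds no authentication, or its
     *     principal is not a {@link UserDTO}
     */
    @GetMapping("/order")
    @PreAuthorize("hasAuthority('USER')")
    public String order() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        Object principal = authentication == null ? null : authentication.getPrincipal();
        // Fail closed: a missing authentication or a principal of another type is rejected as an
        // authorization failure instead of surfacing as a NullPointerException or
        // ClassCastException from a blind cast.
        if (!(principal instanceof UserDTO)) {
            throw new AccessDeniedException("No authenticated user principal available");
        }
        UserDTO userDTO = (UserDTO) principal;
        return userDTO.getUsername() + " 访问资源";
    }
}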
